eSoft CTO Patrick Walsh sent up a warning flare regarding tax time phishing attempts claiming to be from the IRS, as noted in his Infosecurity blog post today. The emails are a variation of the usual IRS phishing expeditions that typically target end users during tax time, but this campaign aims to infect organizational machines through corporate rather than personal email.
According to Walsh, opening the attached document begins the process of infecting the user’s machine with a monitoring trojan that will “report back to the attacker and download malicious payloads”. Walsh warns that although the attachment appears to be a Word document – luring unsuspecting readers into opening the doc – it is actually an RTF file that contains a hidden executable.
Walsh preaches caution when dealing with so-called reminders or warnings purporting to be from the IRS. “The IRS will never email you if they need to contact you”, he said. “Any emails coming from them are likely malicious scams.”